Hello, On 12/12/11 10:32, Lionel Elie Mamane wrote: >> We bundle OpenSSL with LibreOffice, > We do? Oh, great, I had missed that.
OK, so what I did now is following: 1) We build the static library with ssl and ldap support on all platforms currently. 2) I patched the postgresql configury so that it has an option --with-mozldap. This one is used when we use internally in LO mozilla for ldap connections. Without that option, the stuff falls on openldap. Not sure it works, but it builds. >> It should be possible to assume as a system library for Linux and >> MacOSX > OK, good. I did completely leave the kerberos outside. Anybody that wants to make it work on MacOSX will not have too difficult work I guess. I don't dare to do anything about it on Linux, since I don't know how it will affect our baseline. Nevertheless, let us assume that typical LO user will be ok with ldap and ssl. > It depends what value we give to "really". My guess is that it is > desirable. Without it our internal libpq has one less feature. I don't > have a good idea of how significant that feature is, since Windows has > some Kerberos implementation, too; libpq (if compiled with support for > both) allows to choose which one to use at runtime. What are the > compared compatibility issues and/or features of both, I don't > know. For example, can the Windows Kerberos client authenticate > against all Unix Kerberos setups that MIT-Kerberos/GSSAPI can > authenticate against? I guess that if the PostgreSQL project went the > extra mile of allowing simultaneous support for both, selectable at > run-time and all that, this means at least some users benefit from it. OK, in my humble opinion, let Windows users select this kind of thing on runtime is a sure path to hell. But as it stands, the libpq that we build uses some of the win32 security apis for authentication, so I would assume that the users should be able to do what they need from their windows posts. Those productive things like mailmerge with pgsql database of all employees and so on :) > Yes, but libpq "as is" AFAIK cannot use Mozilla-LDAP. Maybe it can be > hacked to do that. Are OpenLDAP and Mozilla-LDAP API-compatible, so > that we can just use Mozilla-LDAP headers and libraries where libpq > assumes OpenLDAP, and not change anything the in the libpq sources? > Then I guess it would be easy enough indeed. Yup, it was hacked to do that now :) Cheers F. _______________________________________________ LibreOffice mailing list LibreOffice@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/libreoffice